This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.

@Lohoris this question may be slightly different because it asks if there is any theoretical way to make such a P2P system impervious, not only to block rewrites but forward control in general. The prior question was phrased to focus on rewrites.
– Shelby Moore IIIMar 28 '13 at 0:15

2 Answers
2

A brute force hack would not work. Image a computer capable of expelling the lowest amount of energy conceivable to record a change in a bit from 1-0 or 0-1. Now take this computer and make it on the scale of our sun. Also imagine we can cool this computer to near zero kelvin with no other energy input. All input energy goes into changing bits and that's it.

Now take all the power our sun will make in its lifetime, and power the computer with it. It will take longer than imaginable to even just simple count to 2^256 let alone try to brute force attack a sha-256 algorithm. So brute force will never work.

--

You must gain more computing power than 50% of the network. This means on average you will create more block solvers than the <50%.

But wait again you need to account for the blockchain to date, so once you get this computer power you must now create a new fake blockchain which will take time; (Currently it take 8 hours to download the full chain, imagine how long it would take to compute it!) your new blockchain must be made (this is the whole point of the attack change the blockchain so you have more btc).

So assuming you have time to create this new blockchain, no everyone must accept it. It is in the bitcoin protocol to accept the longest blockchain to date, because it has the most transactions the most knowledge of the entire system.

So you create this blockchain and send it to everyone, they all then proceed to take their 8 hours to get the new blockchain, but wait.... why is there a new blockchain everyone would say!?

It would be obvious someone has made a new one because you are downloading it as if this is the first time on the network. And the real smart people who write bitcoin protocol would be very privy to this, and at the least have 8 hours to react. It would be to obvious.

--

The only real way I think to hurt bitcoin is to buy up all the coins, or release a whole bunch of coins into circulation greatly affecting prices.

But this would even be sorted out by the bitcoin design.

The price drops, people stop mining because it become less profitable. Cause the miners stop difficulty goes down, more people mine because it is profitable because the difficulty is so easy they can make enough btc to cover their costs, bitcoin is up and running again.

Could a motivated party just cause chaos by introducing a forged blockchain on mass from 51% of servers thereby just making a severe mess by sort of colliding the two blockchains, ie creating double spend opportunities that would be a mess to sort out?
– yadayadaMar 25 '13 at 22:41

Well a node will, by protocol, only accept the longest valid blockchain. If someone you are connected to still will give you that blockchain, the others should fall leaving the one we have all been working on since 2009. It is very hard to forge a blockchain that is not thrown away instantly because it is not valid i.e. has the proper hashes, which takes years to get right... 51% is like saying survival of the fittest, the creator of the idea never said it and didn't mean that exactly. I think you are taking 51% to much to heart, it does not apply to block-chain issuance.
– KDeckerMar 26 '13 at 11:21

I really don't think you can ever prevent a "51% attack" without compromising some anonymity or decentralization.

Imagine you walk into a room, you don't know anybody (anonymity) and you don't trust anybody (decentralization). In this case, you can only trust the majority. If the majority is lying ("51% attack") then you are going to be fooled.

You can "solve" this by creating some kind of trust chain (e.g. I trust "guy A" who trust "guy B" who trust "guy C" .. so I trust guy C. However in this case, I must know guy A and guy A must know guy B .. etc and it wouldn't be as anonymous as bitcoin.

Or you could "solve" it by creating some kind of authority, who we all trust, but in this case it wouldn't be as decentralized as bitcoin.